directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Willeke <...@willeke.com>
Subject Re: Ldap for CRL
Date Mon, 31 Jan 2011 17:37:05 GMT
Novell's eDirectory can manage CRLs within the directory:
http://www.novell.com/documentation/crt33/crtadmin/?page=/documentation/crt33/crtadmin/data/acecl36.html#bwtkvhj

-jim
Jim Willeke


On Mon, Jan 31, 2011 at 10:14 AM, Jorge Infante Osorio <jorgeio@uci.cu>wrote:

> Hi Alex.
>
> -----Mensaje original-----
> De: akarasulu@gmail.com [mailto:akarasulu@gmail.com] En nombre de Alex
> Karasulu
> Enviado el: lunes, 31 de enero de 2011 9:25
> Para: users@directory.apache.org
> Asunto: Re: Ldap for CRL
>
> Hi Jorge,
>
> On Mon, Jan 31, 2011 at 4:12 PM, Jorge Infante Osorio <jorgeio@uci.cu
> >wrote:
>
> > Hi all.
> > I want to know if I can use ApacheDS as a CDP for certificate list
> > management.
> >
> >
> Right now the directory as you know the ideal place to store X509
> certificates. This is the only function we provide presently. As a thin
> layer a CA can easily sit on top of the directory.
>
> There's probably a schema or draft available to manage revocation lists in
> the DIT. Besides this custom (extended) operations can be provided but the
> only one we've experimented with is a create certificate function. Other
> extension mechanisms are also available, like a specific protocol handler
> in
> the network layer (MINA), that handles the network part of the CDP
> protocol,
> and accesses the DIT to manage certificates.
>
> Can you point me out some other Ldap implementation that offers this
> functionalities. ??
> We have a CA and we are searching the way of management the revocation
> certificate list for the portal users of our system.
>
> Jorge.
>
> HTH,
> --
> Alex Karasulu
> My Blog :: http://www.jroller.com/akarasulu/ Apache Directory Server ::
> http://directory.apache.org Apache MINA :: http://mina.apache.org To set
> up
> a meeting with me: http://tungle.me/AlexKarasulu
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message